Abstract

We examine and compare data and privacy governance by four China-based mobile applications and their international versions: Baidu, Toutiao and its international version TopBuzz, Douyin and its international version TikTok, and WeChat. Together, these four applications represent popular Chinese apps branching into diverse overseas markets such as Europe, Brazil, North America, and Southeast Asia. We first present an overview of the ownership, functions, business models and strategies of the reviewed apps. To study the app's interface design, we employ the walkthrough method to examine privacy features during the account registration and deletion stages in app usage. Lastly, we conducted content analysis of the terms of service and privacy policies to establish the app's data collection, storage, transfer, use, and disclosure measures. Our analysis showed variations across apps and within the Chinese and international-facing versions in their data and privacy governance in app design and policies. Baidu has the most unsatisfactory data and privacy protection measures, while ByteDance's TikTok/Douyin and TopBuzz/Toutiao offer more comprehensive user protection from different jurisdictions. Moreover, this paper highlights the role of platform owners (e.g., Google and Apple) in gatekeeping mobile app privacy standards and the role of the state in imposing a data protection framework on overseas versions of China-based mobile apps.

Highlights

  • This paper is part of Geopolitics, jurisdiction and surveillance, a special issue of Internet Policy Review guest-edited by Monique Mann and Angela Daly

  • To examine how globalising Chinese mobile apps respond to the varying data and privacy governance standards when operating overseas, we compare the Chinese and overseas version of four sets of China-based mobile applications: (1) Baidu mobile browser - a mobile browser with a built-in search engine owned and developed by Chinese internet company Baidu, (2) Toutiao and TopBuzz - mobile news aggregators developed and owned by ByteDance, (3) Douyin and TikTok - mobile short video-sharing platforms developed and owned by ByteDance, with the former only available in Chinese app stores and the later exclusively in international app stores, and (4) WeChat and Weixin - a social application developed and owned by Chinese internet company Tencent

  • We employ a mixed-method approach to investigate how globalising Chinese mobile apps differ in data and privacy governance between Chinese and international versions accessed through Canadian app stores

Read more

Summary

METHODS

We employ a mixed-method approach to investigate how globalising Chinese mobile apps differ in data and privacy governance between Chinese and international versions accessed through Canadian app stores. To study how mobile apps structure and shape end users’ experience with regards to data and privacy protection, we deployed the walkthrough method (Light, Burgess, & Duguay, 2018). We tested both the Android and iOS version of the same app. We conducted content analysis of the privacy policies and terms of service of each mobile app These documents demonstrate the governance by mobile apps as well as the governance of mobile apps within certain jurisdictions. We conducted content analysis of mobile app privacy policies and terms of service along five dimensions: data collection, usage, disclosure, transfer, and retention. We looked for items that detailed the types of information collected, the app’s definitions of personally identifiable information, and the possibility to opt out of the data collection process; for data usage, we looked for terms and conditions that delineated third party use; for disclosure, we looked at whether the examined app would notify its users in case of privacy update, merger and acquisitions, and data leakages; for data transfer and retention, we examined whether app specified security measures such as encryption of user data, emergency measures in case of data leaks, terms and conditions of data transfer, as well as the specific location and duration of data retention

RESEARCH LIMITATIONS
A EU representative is listed
Findings
CONCLUSION

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.